Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/p_QYv0L6aYK512B3fR5CFvOoznk.roa
File: p_QYv0L6aYK512B3fR5CFvOoznk.roa (raw, json)
Hash identifier: aDfS/bDbCsW3S/qJ7SubMpjp1TuE7mqqhF55UFptL5k=
Subject key identifier: A7:F4:18:BF:42:FA:69:82:B9:D7:60:77:7D:1E:42:16:F3:A8:CE:79
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 01942747CC4F00989E30443399BED986D1AC
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/p_QYv0L6aYK512B3fR5CFvOoznk.roa
Signing time: Thu 02 Jan 2025 13:50:04 +0000
ROA not before: Thu 02 Jan 2025 13:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21211
IP address blocks: 62.192.180.0/23 maxlen: 23
62.192.182.0/23 maxlen: 23
147.78.112.0/23 maxlen: 23
147.78.114.0/23 maxlen: 23
171.22.4.0/23 maxlen: 23
171.22.6.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 14:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:cc:4f:00:98:9e:30:44:33:99:be:d9:86:d1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 2 13:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7f418bf42fa6982b9d760777d1e4216f3a8ce79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:86:e4:19:54:a2:e6:4d:70:95:0e:ee:0d:c9:
00:fd:7f:ef:cd:7f:c5:68:9e:24:1e:e9:a6:24:8b:
22:97:d3:2b:52:96:3f:4e:5b:c9:7c:92:5e:c7:97:
4e:c2:8f:d8:df:73:a4:ff:e0:c5:37:11:a7:bb:50:
53:19:04:01:c5:89:d3:10:22:4f:14:b4:c3:41:4d:
a0:9a:96:00:9a:11:fa:87:a4:7e:61:e7:13:33:06:
d4:ec:1f:ee:c8:76:e7:86:47:9e:be:57:52:5a:4f:
e8:5a:63:06:bf:2a:dc:94:ab:ca:0b:9f:11:78:36:
06:cf:bb:df:77:3d:1f:75:58:41:2b:68:f9:0d:6f:
33:dd:54:69:03:a8:de:07:df:48:14:f9:0a:15:1e:
b6:9b:e8:31:de:8c:ff:b8:a6:c4:a4:f1:d9:df:87:
61:46:9c:64:be:bc:26:9e:e1:68:37:50:88:6d:b3:
e7:a0:4a:94:4b:92:b0:a1:53:f6:c5:db:ee:bf:ab:
1a:cb:eb:df:f7:f9:77:f0:fb:4c:32:3a:bc:c4:02:
e4:63:fe:63:0c:72:80:13:ab:ce:40:40:fd:a8:c8:
22:f7:56:e0:e2:b3:e8:30:3c:8c:44:d0:41:9b:64:
e9:82:e9:3f:d5:af:a9:b1:2f:1d:5d:1d:91:fd:9c:
c3:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F4:18:BF:42:FA:69:82:B9:D7:60:77:7D:1E:42:16:F3:A8:CE:79
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/p_QYv0L6aYK512B3fR5CFvOoznk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.180.0/22
147.78.112.0/22
171.22.4.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:de:27:fe:7c:cb:27:f4:a7:0d:f4:22:75:6f:df:fc:45:6c:
18:16:fa:1f:85:46:d8:de:51:83:f4:4c:14:95:64:ce:07:5c:
78:88:2a:58:7a:51:9a:57:25:d9:6a:0a:66:04:a3:99:66:66:
a3:09:79:b0:66:1d:90:c1:4c:f6:2b:c7:72:70:4e:99:ac:46:
fa:ae:42:3b:90:72:2f:11:1d:9b:da:b7:25:a5:8e:6f:44:06:
ed:47:dc:c7:21:f6:ac:d2:cb:6d:63:46:8a:8a:83:3a:29:44:
3c:48:a8:80:cc:fa:6c:44:ae:74:a1:cc:75:82:1b:e4:d1:a1:
37:3b:26:d0:a7:86:b7:a2:de:c8:db:2f:01:ef:b3:1b:d2:3c:
a9:3b:0a:28:c6:24:96:0a:a3:85:a3:f7:eb:df:0f:b7:93:d3:
70:05:c8:a2:d4:55:a3:6b:9d:28:e6:80:95:31:83:4a:e6:51:
e2:f9:3a:22:bb:55:6d:17:b0:9a:12:d4:97:d4:bf:3f:b7:8a:
66:0e:df:58:c2:1a:81:0c:99:35:ed:20:53:20:4b:1f:7b:92:
08:47:4e:9b:ef:2a:1e:a8:5a:f6:dc:6a:03:72:63:3a:d2:11:
70:f5:d7:7c:f6:28:c4:a4:d0:f7:e8:f0:2b:57:d1:58:2b:5b:
48:b6:28:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnR8xPAJieMEQzmb7ZhtGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjUwMTAyMTM1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2Y0MThiZjQyZmE2OTgyYjlkNzYwNzc3ZDFlNDIxNmYzYThjZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIbkGVSi5k1wlQ7uDckA/X/vzX/F
aJ4kHummJIsil9MrUpY/TlvJfJJex5dOwo/Y33Ok/+DFNxGnu1BTGQQBxYnTECJP
FLTDQU2gmpYAmhH6h6R+YecTMwbU7B/uyHbnhkeevldSWk/oWmMGvyrclKvKC58R
eDYGz7vfdz0fdVhBK2j5DW8z3VRpA6jeB99IFPkKFR62m+gx3oz/uKbEpPHZ34dh
RpxkvrwmnuFoN1CIbbPnoEqUS5KwoVP2xdvuv6say+vf9/l38PtMMjq8xALkY/5j
DHKAE6vOQED9qMgi91bg4rPoMDyMRNBBm2Tpguk/1a+psS8dXR2R/ZzD7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKf0GL9C+mmCuddgd30eQhbzqM55MB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvcF9RWXYwTDZhWUs1MTJCM2ZSNUNGdk9vem5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPsC0AwQC
k05wAwQCqxYEMA0GCSqGSIb3DQEBCwUAA4IBAQB93if+fMsn9KcN9CJ1b9/8RWwY
FvofhUbY3lGD9EwUlWTOB1x4iCpYelGaVyXZagpmBKOZZmajCXmwZh2QwUz2K8dy
cE6ZrEb6rkI7kHIvER2b2rclpY5vRAbtR9zHIfas0sttY0aKioM6KUQ8SKiAzPps
RK50ocx1ghvk0aE3OybQp4a3ot7I2y8B77Mb0jypOwooxiSWCqOFo/fr3w+3k9Nw
Bcii1FWja50o5oCVMYNK5lHi+Toiu1VtF7CaEtSX1L8/t4pmDt9YwhqBDJk17SBT
IEsfe5IIR06b7yoeqFr23GoDcmM60hFw9dd89ijEpND36PArV9FYK1tItiiF
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:44:21 2025 by rpki-client